7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7 | Triage

Submit
Reports

Overview

overview

7

Static

static

7874740e4a...a7.exe

windows7-x64

7

7874740e4a...a7.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7
Size

10KB
MD5

3932acb2f54dffcd7d3c794145b0a9e0
SHA1

968ec5f04fb08eb76ec1dfca9c7129fade5d0929
SHA256

7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7
SHA512

72aa3a4f16bf196a9df3e00de6b1419e870238ac93bcd3a896b3e59fee1f23c56807cec82407987b396b23241d7711a77cfc1f2f943d147c090212f845d16ad9
SSDEEP

192:FjF7uL4II5qrSKfQkmn16yIa/SQJQMSBrcSg:RMMF5WSBkSVJPJQMSBr9

Score

N/A

Malware Config

Signatures

Files

7874740e4a317e19251fc8c2cb7f1cbe518472642a6c192bacfb29b3560524a7
.exe windows x86

9add77c7b69e561d295658d70f5913ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
CharLowerA

kernel32

ExitProcess
GetModuleFileNameA
GetTempPathA
GetThreadContext
GetTickCount
GlobalAlloc
GlobalFree
ResumeThread
RtlUnwind
SetThreadContext
Sleep
DeleteFileA
WaitForSingleObject
WriteFile
lstrcatA
lstrcpyA
lstrlenA
SetProcessAffinityMask
HeapAlloc
HeapFree
GetProcessHeap
CreateProcessA
GetVersionExA
GetComputerNameW
VirtualFree
DeviceIoControl
LocalFree
CreateFileA
CopyFileA
CloseHandle
TerminateProcess
VirtualAlloc

ntdll

ZwMapViewOfSection
ZwUnmapViewOfSection
ZwClose
ZwOpenSection
ZwQuerySystemInformation
ZwSystemDebugControl
_snwprintf
strstr
strrchr
strcmp
strcat
memcpy
memset
strlen
wcscat

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetSecurityInfo
GetUserNameA
SetEntriesInAclA
GetSecurityInfo

shell32

ShellExecuteA
SHGetFolderPathA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy